Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve

Phillip Hallam-Baker <phill@hallambaker.com> Mon, 04 June 2018 19:15 UTC

To: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>
Cc: "secdispatch@ietf.org" <secdispatch@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/559v-SbVY81wCGb5RrBjO4m9s24>

If we are going to register algorithms, perhaps we could do all of them in
one doc including ASN.1 OIDs. These need not be new code points if already
specified but we should have one OID for IETF purposes per algorithm
wherever possible.


On Mon, Jun 4, 2018 at 3:12 PM, Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org> wrote:

> This note is soliciting feedback on the best path for
> https://tools.ietf.org/html/draft-jones-webauthn-secp256k1-00 to become
> an RFC.  Its purpose is very specific and narrow:  It registers JOSE and
> COSE curve identifiers for the SECG secp256k1 elliptic curve and associated
> algorithm identifiers.   This is used by FIDO UAF, the W3C Verifiable
> Claims interest group, and several blockchain projects.  I want to get
> standard identifiers registered so these projects can use standards-based,
> rather than ad-hoc, cryptographic representations.  Given the widespread
> use of this curve and algorithm, I would like this spec to become an RFC so
> that the small integer values can be assigned for COSE, per the “Standards
> Action” requirement for the Label assignment in the registry policy at
> https://tools.ietf.org/html/rfc8152#section-16.2. I believe it’s also
> very likely that some IETF specifications will end up using these
> registrations as well.
>
>
>
> As background, I’d committed to the W3C Web Authentication (WebAuthn)
> working group and the FIDO Alliance to register all the algorithms used by
> their specifications that do not have current IANA registrations for JOSE
> and COSE.  https://tools.ietf.org/html/draft-jones-webauthn-cose-algorithms-01
> started this process by registering additional RSA
> algorithms (with help from Jim Schaad, Sean Turner, and others).  The next
> step in this process is registering the SECG secp256k1 elliptic curve and
> associated algorithm identifiers.
>
>
>
> Ben Kaduk suggested that I ask SecDispatch for input on the best path
> forward.  For instance, is anyone interested in reviewing the document or
> being the document shepherd?  I believe that Area Director sponsorship
> probably makes the best sense for this very targeted document but am open
> to other options.   I know that the W3C and the FIDO Alliance would
> appreciate having a path forward for these registrations.
>
>
>
> Thanks for your feedback.
>
>
>
>                                                        -- Mike